- From: Robin Berjon <robin@berjon.com>
- Date: Thu, 19 Nov 2009 12:36:43 +0100
- To: marcosc@opera.com
- Cc: Suresh Chitturi <schitturi@rim.com>, public-webapps@w3.org
On Nov 19, 2009, at 12:03 , Marcos Caceres wrote: >> RATIONALE: The ability of having nested <feature> elements under the >> <access> element, allows the widget authors to control access to a >> specific set of (platform) features on a per resource/domain basis, >> improving the overall access-control and Widgets security model. > > Can you describe the use cases here? I know for playing around with > the blackberry emulator that you guys (RIM) already implement this. > Can you give us some insight into the actual use case and rationale? > What kinds of features are being tightly controlled by <access>? That would be my question as well. To provide more detail, the idea is that remote resources accessed by widgets (in this case we're talking about <iframe> and <object> only I think) follow the normal web security model. I have qualms about having the widget model reach onto the web without very good reason for it. It also makes WARP more complex — I would like to once again strongly reinforce the idea that WARP is intended to be extremely simple, and a stop-gap specification until DAP produces something appropriately powerful. The Feature Vault is guarded by an oversized Pistol Shrimp [0] with a bad temper. She will require a very strong use case for this sort of additional feature. [0] http://www.youtube.com/watch?v=eKPrGxB1Kzc -- Robin Berjon - http://berjon.com/
Received on Thursday, 19 November 2009 11:37:18 UTC